IT organizations are under increasing pressure to meet the business goals of their companies. This challenge can be particularly daunting because it involves complying with regulations, such as the Sarbanes-Oxley Act (Sarbox) and Basel II. Compliance requires strong corporate governance capabilities that are demonstrable to outside auditors. Because IT plays such a major role in business processes, the IT organization not only creates complexity for the business, but at the same time, provides the means to demonstrate this compliance. Organizations rely on guidelines such as the IT Infrastructure Library (ITIL®) and Control Objectives for Information and related Technology (COBIT) to help understand and address these challenges. ITIL and COBIT can enable organizations to achieve three objectives: - Establish proven best practice IT service management processes to manage IT from a business perspective and achieve business goals, including that of compliance - Put in place clear process goals, based on the organization’s business goals, and provide a means of measuring progress against them - Ensure effective IT governance and control at the process level, and enable IT to demonstrate that it meets or exceeds the requirements set forth by government or external regulations There is, however, confusion in IT organizations concerning these frameworks. Some think they are two alternate approaches to the same goal, and others think they are mutually exclusive. Actually, they are highly complementary, and together provide greater value than using just one or the other. COBIT outlines what you need to do to meet these challenges and ITIL shows you how to get there. This paper discusses how ITIL and COBIT can be used together. The paper: - Presents overviews of ITIL and COBIT - Describes how ITIL and COBIT are complementary - Discusses the need to use systems-based solutions to ensure success in implementing these frameworks, and presents criteria that these solutions should meet.
Back to Top
Back to Top